0.630 contains a number of bug fixes, including security fixes.
Could you please point out security-related fixes?
* Correct adding slash to control->tmpdir. off-by-one error Environment settings could lead to arbitrary files being overwritten.
(In reply to Yanestra from comment #2) > * Correct adding slash to control->tmpdir. off-by-one error > > Environment settings could lead to arbitrary files being overwritten. Discussion in https://github.com/ckolivas/lrzip/pull/38 states that this isn't really a security problem, but a harmless bug.
There are maybe no security bugfix, but there's an incredibly annoying bug fixed, that prevented lrztar from being used on directories with whitespaces.
Being unable to unpack larger multi-volume archives is also not so nice. That bug was fixed.
(In reply to johncarmack from comment #4) > There are maybe no security bugfix, but there's an incredibly annoying bug > fixed, that prevented lrztar from being used on directories with whitespaces. I was asking about security problems because security vulnerabilities require security team involvement. There's currently no maintainer so this bump can take some time. If you want to speed things up and get that annoying bug fixed, you can contribute by maintaining this package yourself via proxy-maint team: https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers
As far as I can see it's not more required than to rename the ebuild.
*** Bug 587178 has been marked as a duplicate of this bug. ***
committer Amy Winston <amynka@gentoo.org> 2016-07-06 16:40:24 (GMT) commit 8759c82ee21fb03b5044eac80c99d400ed706356 app-arch/lrzip: version bump 0.630 bug #585780 - Add static-libs useflag bug #490060 - Convert patch to p1 - Change homepage I have made some changes to ebuild you submited. If you have any questions why etc don't be afraid to ask here by email or on irc. Thanks :)
